Filter
Top Products
WRVS4400N User Guide 72
VPN Tab
Setting Up and Configuring the Router
IPSec Setup
Keying Mode—The router supports both IKE with Preshared Key (automatic) and Manual
key management. When choosing automatic key management, IKE (Internet Key Exchange)
protocols are used to negotiate key material for SA. If manual key management is selected, no
key negotiation is needed. Basically, manual key management is used in small static
environments or for troubleshooting purpose. Notice that both sides must use the same Key
Management method.
Encryption—The Encryption method determines the length of the key used to encrypt/
decrypt ESP packets. 3DES is supported. Notice that both sides of the VPN tunnel must use the
same Encryption method.
Authentication—Authentication determines a method to authenticate the ESP packets. Either
MD5 or SHA1 may be selected. Both sides of the VPN tunnel must use the same Authentication
method.
• MD5—A one way hashing algorithm that produces a 128-bit digest.
• SHA1—A one way hashing algorithm that produces a 160-bit digest.
Preshared Key— IKE uses the Pre-shared Key field to authenticate the remote IKE peer. Both
character and hexadecimal value are acceptable in this field. for example; "My_@123" or
"0x4d795f40313233". Both sides must use the same Pre-shared Key.
Key Lifetime—Specifies the lifetime of the IKE generated key. If the time expires, a new key will
be renegotiated automatically. The Key Lifetime may range from 1081 to 86400 seconds. The
default value for Phase 1 is 28800 seconds, and default value for Phase 2 is 3600 seconds
Group— For Diffie-Hellman key negotiation. There are 3 groups available for ISAKMP SA
establishment, 768-bit, 1024-bit, 1536-bit represent different bits used in Diffie-Hellman mode
operation. The default value is Group 768-bit.